npm · registry.npmjs.org
@pixelbyte-software/pixcode
Js Hidden Powershell: Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm | iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers.
Why PkgRadar flagged 1.51.2
| Severity | Signal | Evidence |
|---|---|---|
| high | Js Hidden Powershell | Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm | iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers. · package/dist-server/server/modules/providers/provider.routes.js |
| high | Js Hidden Powershell | Hidden / non-interactive PowerShell invocation in package code — `-WindowStyle Hidden`, `irm | iex`, `windowsHide: true`, or equivalent — used to download-and-run payloads on Windows installers. · package/server/modules/providers/provider.routes.ts |
| medium | Remote Payload | matched "Invoke-WebRequest" · package/dist-server/server/services/hermes-install-jobs.js |
| medium | Remote Payload | matched "Invoke-WebRequest" · package/server/services/hermes-install-jobs.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.51.2 | High risk | 99 | 2026-06-03 |
1.51.0 | High risk | 99 | 2026-06-03 |
1.51.1 | High risk | 99 | 2026-06-03 |
Block this in CI
pkgradar gate --ecosystem npm @pixelbyte-software/[email protected]